InfoSec Handlers Diary Blog

In the past we have seen malware being delivered via Google Docs. You would receive an email stating that a document had been shared and when you clicked the link bad things would start to happen. In recent weeks the same approach has increasingly been used to Phish. You would receive an email along these lines:

Hello,

We sent you an attachment about your booking using Google Drive

I have sent the attachment for you using Google Drive So Click the Google Drive link below

to view the attachment..

<button>Google Drive</button>

Once the link is clicked you are sent through to a web site where you are presented with the following screen:

Clicking on any of these will ask you for a userid and password for that service. The link in the email should be easily recognised by people as obviously not being a Google link, but many still do not check this. If you are doing an awareness campaign or reminder, maybe include some info on recognising phishing links.